Hector: Using Untrusted Browsers to Provision Web Applications
Authors:
David Goltzsche,
Tim Siebels,
Lennard Golsch,
RĂ¼diger Kapitza
Abstract:
Web applications are on the rise and rapidly evolve into more and more mature replacements for their native counterparts. This disruptive trend is mainly driven by the attainment of platform-independence and instant deployability. On top of this, web browsers offer the opportunity for seamless browser-to-browser communication for distributed interaction.
In this paper, we present Hector, a novel…
▽ More
Web applications are on the rise and rapidly evolve into more and more mature replacements for their native counterparts. This disruptive trend is mainly driven by the attainment of platform-independence and instant deployability. On top of this, web browsers offer the opportunity for seamless browser-to-browser communication for distributed interaction.
In this paper, we present Hector, a novel web application framework that transforms web browsers into a distributed application-centric computing platform. Hector enables offloading application logic to users, thereby improving user experience with lower latencies while generating less costs for service providers. Following the programming paradigm of Function-as-a-Service, applications are decomposed into functions so they can be managed efficiently and deployed in a responsive, scalable and lightweight fashion. In case of client-side resource shortage or unresponsive clients, execution falls back to a traditional cloud-based infrastructure. Hector combines WebAssembly for multi-language computations at near-native speed, WebRTC for browser-to-browser communication and trusted execution as provided by the Intel Software Guard Extensions so browsers can trust each other's computations. We evaluate Hector by implementing a digital assistant as well as a recommendation system. Our evaluation shows that Hector achieves lower end-user latencies while generating less costs than traditional deployments. Additionally, we show that Hector scales linearly with increasing client numbers and can cope well with unresponsive clients.
△ Less
Submitted 19 October, 2020;
originally announced October 2020.
CYCLOSA: Decentralizing Private Web Search Through SGX-Based Browser Extensions
Authors:
Rafael Pires,
David Goltzsche,
Sonia Ben Mokhtar,
Sara Bouchenak,
Antoine Boutet,
Pascal Felber,
RĂ¼diger Kapitza,
Marcelo Pasin,
Valerio Schiavoni
Abstract:
By regularly querying Web search engines, users (unconsciously) disclose large amounts of their personal data as part of their search queries, among which some might reveal sensitive information (e.g. health issues, sexual, political or religious preferences). Several solutions exist to allow users querying search engines while improving privacy protection. However, these solutions suffer from a n…
▽ More
By regularly querying Web search engines, users (unconsciously) disclose large amounts of their personal data as part of their search queries, among which some might reveal sensitive information (e.g. health issues, sexual, political or religious preferences). Several solutions exist to allow users querying search engines while improving privacy protection. However, these solutions suffer from a number of limitations: some are subject to user re-identification attacks, while others lack scalability or are unable to provide accurate results. This paper presents CYCLOSA, a secure, scalable and accurate private Web search solution. CYCLOSA improves security by relying on trusted execution environments (TEEs) as provided by Intel SGX. Further, CYCLOSA proposes a novel adaptive privacy protection solution that reduces the risk of user re- identification. CYCLOSA sends fake queries to the search engine and dynamically adapts their count according to the sensitivity of the user query. In addition, CYCLOSA meets scalability as it is fully decentralized, spreading the load for distributing fake queries among other nodes. Finally, CYCLOSA achieves accuracy of Web search as it handles the real query and the fake queries separately, in contrast to other existing solutions that mix fake and real query results.
△ Less
Submitted 27 July, 2018; v1 submitted 3 May, 2018;
originally announced May 2018.
